| Max CVSS | 6.8 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-2053 | 6.8 |
Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service (pluto IKE daemon crash) and possibly execute arbitrary code
|
13-02-2023 - 04:42 | 09-07-2013 - 17:55 | |
| CVE-2013-6466 | 5.0 |
Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads. Per: http://cwe.mitre.org/data/definitions/476.html
"CWE-476: NULL Poin
|
29-07-2019 - 14:24 | 26-01-2014 - 20:55 | |
| CVE-2011-4073 | 4.0 |
Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continu
|
29-07-2019 - 14:24 | 17-11-2011 - 19:55 | |
| CVE-2011-3380 | 5.0 |
Openswan 2.6.29 through 2.6.35 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto IKE daemon crash) via an ISAKMP message with an invalid KEY_LENGTH attribute, which is not properly handled by the error handling
|
29-07-2019 - 13:26 | 17-11-2011 - 19:55 | |
| CVE-2010-3753 | 6.5 |
programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in the cisco_banner (aka server_banner) field, a different vulnerability than CVE-2010-
|
29-07-2019 - 13:26 | 05-10-2010 - 22:00 |